Techniques for Handling Network Traffic

ABSTRACT

To handle network traffic, a Deep Packet Inspection (DPI) node receives, from a Policy and Charging Rules Function (PCRF) network node, packet inspection control data that maps a specific service to an identifier. The DPI node identifies that a data packet pertains to the specific service. The identifying comprises performing DPI on at least a data section of the data packet. The DPI node notifies the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service. The DPI node marks the data packet with the identifier in accordance with the packet inspection control data received from the PCRF network node.

This application is a continuation of U.S. application Ser. No. 16/021,515, filed 28 Jun. 2018, which is a continuation of U.S. application Ser. No. 14/570,007, filed 15 Dec. 2014, which issued as U.S. Pat. No. 10,511,536 on 17 Dec. 2019, which is a continuation application of U.S. patent application Ser. No. 13/262,423, filed 10 Feb. 2012, which issued as U.S. Pat. No. 9,979,661 on 22 May 2018, which is the U.S. National Stage of International Application No. PCT/EP2009/053946, filed 2 Apr. 2009, the disclosures of all of which are herein incorporated by reference in their entireties.

TECHNICAL FIELD

The present invention relates to techniques for handling network traffic.

BACKGROUND

In mobile communication networks it is known to direct network traffic related to a specific service to a bearer with a certain quality of service (QoS). In this respect, a bearer is considered to be an information transmission context or path of defined characteristics, e.g. capacity, delay and/or bit error rate. Typically, a number of bearers will be established between a gateway of a mobile communication network and a user equipment, e.g. a mobile phone or other type of mobile terminal. A bearer may carry downlink (DL) data traffic in a direction from the network to the user equipment, and may carry data traffic in an uplink (UL) direction from the user equipment to the network. In the gateway and in the user equipment the data traffic, which includes a plurality of IP data packets (IP: “Internet Protocol”) can be filtered using IP 5-tuple packet filters, thereby directing the IP data packets to a desired bearer.

Specifically, it is desired to direct data traffic relating to a specific service, e.g. mobile TV, to a bearer offering a certain QoS. For this purpose, DL data traffic may be subjected to a packet inspection so as to identify data packets relating to a specific service. When data packets of a predefined service are detected, this may be signaled to a policy controller. The policy controller may then generate corresponding packet filters and signal these packet filters to the gateway. The gateway then uses the received packet filters to route the data packets to a desired bearer. The bearer typically has a QoS class which was chosen by the network operator for the specific service. In this process, there may also be signaling to the user equipment, e.g. for establishing the bearer and indicating UL packet filters to the user equipment, which should be used to route UL data traffic onto the bearer.

However, the known solution may have problems in that a service may frequently open or close IP packet flows associated with the same service, e.g. as done by certain peer-to-peer file sharing applications. In this case, the result would be extensive signaling so as to establish the packet filters for routing the data packets onto the desired bearer. In addition, the routing of DL data traffic using IP 5-tuple based packet filters requires significant processing resources in the gateway. Further, it may in some cases be difficult or impossible for a packet inspection function to sufficiently describe IP packet flows associated with a specific service and to signal this to the policy controller. For example, this may be the case if the IP packet flows are encrypted or if the service is associated with a large number of IP packet flows, e.g. in the case of certain peer-to-peer file sharing applications.

Accordingly, there is a need for powerful and efficient techniques for handling network traffic, which allow for assigning data traffic of a specific service a desired QoS level.

SUMMARY

According to an embodiment of the invention, a method of handling network traffic is provided. The method includes receiving packet inspection data indicating service-related data traffic of at least one of a specific user and a specific service, receiving policy data of the at least one of the user and the service, and determining a packet filter on the basis of the packet inspection data and the policy data. The packet filter is configured to filter data traffic on the basis of an identifier included into the data packets of the service-related data traffic in response to packet inspection.

According to a further embodiment of the invention, a network component is provided. The network component includes a packet inspection data interface configured to receive packet inspection data indicating service-related data traffic of at least one of a specific user and a specific service, and a policy controller configured to receive policy data pertaining to the at least one of the user and the service. In addition, the network component includes a filter generator configured to determine a packet filter on the basis of the packet inspection data and the policy data, the packet filter being configured to filter data traffic on the basis of an identifier included into data packets of the service-related data traffic in response to packet inspection.

According to a further embodiment of the invention, a method of handling network traffic is provided. The method includes receiving incoming data packets from one of a plurality of bearers, the data packets including a first identifier. The method further includes detecting outgoing data packets including a second identifier which is complementary with respect to the first identifier, and routing the detected outgoing data packets having the second identifier to the same bearer from which the incoming data packets having the first identifier are received.

According to a further embodiment of the invention, a communication device is provided. The communication device, which may be a user equipment or a network component, includes a receiver configured to receive incoming data packets from a plurality of bearers and a transmitter configured to send outgoing data packets on the plurality of bearers. Further, the communication device includes a mirroring function configured to detect incoming data packets including a first identifier and outgoing data packets including a second identifier which is complementary with respect to the first identifier, and to filter the outgoing data packets in such a way that the outgoing data packets having the second identifier are routed to the same bearer from which the incoming data packets having the first identifier are received.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 schematically illustrates a mobile communication environment in which concepts according to embodiments of the invention may be applied for handling DL data traffic.

FIG. 2 schematically illustrates an example of a data packet as used in an embodiment of the invention.

FIG. 3 schematically illustrates a further example of a data packet as used in an embodiment of the invention.

FIG. 4 schematically illustrates an information field in a header section of data packets.

FIG. 5 shows a flowchart for illustrating a method of handling DL data traffic according to an embodiment of the invention.

FIG. 6 schematically illustrates a mobile communication environment in which concepts according to embodiments of the present invention may be applied for handling UL data traffic.

FIG. 7 schematically illustrates an identifier and a complementary identifier in data packets.

FIG. 8 shows a flowchart for illustrating a method of handling UL data traffic according to an embodiment of the invention.

DETAILED DESCRIPTION

In the following, the invention will be explained in more detail by referring to exemplary embodiments and to the accompanying drawings. The illustrated embodiments relate to handling data traffic in a mobile communication network, e.g. according to the 3GPP (Third Generation Partnership Project) specifications. However, it is to be understood that the concepts as described herein may also be applied to other types of communication networks. In connection with FIG. 1-5, concepts for handling DL data traffic, i.e. toward a user equipment, will be described. In connection with FIGS. 6-8, concepts for handling UL data traffic, i.e. from a user equipment, will be described. Concepts of handling DL data traffic and concepts of handling UL data traffic will thus be described separately. Nonetheless, it is to be understood that these concepts may be applied separately or in combination.

FIG. 1 schematically illustrates a mobile communication environment in which DL data traffic is handled in accordance with an embodiment of the invention.

The network environment includes a user equipment 10, which may also be referred to as a terminal, and a number of network components 22, 24, 26, 30, 100. Among these network components there is a Radio Access Network (RAN) 22. The RAN is based on a certain type or certain types of radio access technology, e.g. GSM (Global System for Mobile Communications), EDGE (Enhanced Data Rate for GSM Evolution), or UMTS (Universal Mobile Telecommunications System). Although the RAN 22 is illustrated as a single node, it is to be understood that the RAN 22 may actually be formed of a number of components, which are not further explained herein. The RAN 22 is coupled to a transport node 24, which in turn is coupled to a gateway 26. Here, it is to be understood that alternatively more than one transport node 24 may be coupled between the RAN 22 and the gateway 26 or that the RAN 22 may be directly coupled to the gateway 26. The gateway 26 may be a Gateway GPRS Support Node (GGSN) providing a connection of GPRS-based services (GPRS: “General Packet Radio Service”) to one or more external packet data networks. The gateway 26 may also be a System Architecture Evolution Gateway (SAE GW) according to the 3GPP specifications.

In addition, the mobile communication network includes a policy controller 30, which is implemented as a Policy and Charging Rules Function (PCRF) according to the 3GPP specifications, and a packet inspector 100. The policy controller may be implemented by dedicated hardware or as a software function executed by a processor. The packet inspector 100 may be implemented by dedicated hardware or as a software function executed by a processor. The packet inspector 100 may be configured to implement a Deep Packet Inspection (DPI), which may be based on examining both a header section and a data section of a data packet. Further, the inspection may also be based on collecting heuristic measures such as packet inter-arrival time, sending patterns and packet size. Such heuristics can even be applied in case of encryption. Header sections and data sections may be examined on different protocol layers, e.g. on application layer or lower layers, in order to identify different services and protocols. The inspection can also be performed with respect to control signaling relating to sessions. However, other types of packet inspection processes can be implemented as well, e.g. merely based on an inspection of a header section.

The gateway 26, the policy controller 30, and the packet inspector 100 are typically regarded as components of a core network.

The policy controller 30 communicates with the packet inspector 100 via a signaling path 5. The signaling path 5 may be implemented using the Rx interface or the Gx interface according to the 3GPP specifications. Further, the policy controller 30 communicates with the gateway 26 via a signaling path 6, which may be implemented using the Gx interface according to the 3GPP specifications.

The policy controller 30 is further coupled to a subscription database 32 and to a service policy database 34 via a signaling path 8, e.g. implemented using a Sp interface according to the 3GPP specifications. The policy controller 30 may thus receive policy data relating to a specific user and/or relating to a specific service available in the mobile communication network, e.g. mobile TV.

The policy controller 30 thus provides interfaces for supporting the signaling paths 5, 6, 8.

As further illustrated, service-related data traffic between the network and the user equipment 10 is carried by a number of bearers 52, 54. The service-related data traffic typically pertains to one or more client/peer applications 12 running on the user equipment 10. The bearers 52, 54 are established between the user equipment 10 and the gateway 26. The bearers 52, 54 carry data traffic in both the DL direction and the UL direction, i.e. may also be regarded as being formed of a DL bearer and a UL bearer. For supporting bidirectional communication on the bearers 52, 54, the user equipment 10 is provided with a transceiver structure, i.e. both a receiver 14 for receiving incoming data packets from the bearers 52, 54 and a transmitter 16 for sending outgoing data packets on the bearers 52, 54. The bearers 52, 54 may include a default bearer generally established for offering packet-based services to the user equipment 10 and one or more dedicated bearer 54 which may have different QoS level, e.g. a higher QoS level, than the default bearer. Each bearer 52, 54 may be associated with a corresponding QoS profile. Parameters of the QoS profile may be a QoS class identifier (QCI), an allocation/retention priority (ARP), a maximum bit rate (MBR), and/or a guaranteed bit rate (GBR). Accordingly, each bearer 52, 54 may be associated with a corresponding QoS class.

In the user equipment 10, the data packets are routed to a desired bearer 52, 54 using correspondingly configured UL packet filters 62, 64. In the gateway 26, the data packets are routed to the desired bearers 52, 54 using correspondingly configured DL packet filters 72, 74. Parameters of the QoS profile may be signaled from the policy controller 30 to the gateway 26 using the signaling path 6. Similarly, the DL packet filters 72, 74 to be used in the gateway 26 may be signaled from the policy controller 30 to the gateway 26 via the signaling path 6. As regards the UL packet filters 62, 64 used in the user equipment 10, these may be signaled from the policy controller 30 via the gateway 26. However, in some embodiments as further explained in connection with FIGS. 6-8, the UL packet filters 62, 64 may also be generated in response to data traffic received in the user equipment 10.

In the mobile communication network as illustrated in FIG. 1, DL data traffic of the user equipment 10 passes the packet inspector 100 before being received by the gateway 26. The packet inspector 100 identifies data packets pertaining to one or more pre-defined services and/or pertaining to a specific user. This may be accomplished on the basis of packet inspection control data received from the policy controller 30. If data packets pertaining to a specific pre-defined service are identified, the packet inspector 100 provides a respective indication to the policy controller 30 by sending packet inspection data. In addition, the packet inspector 100 includes a marking function 120, which includes an identifier into the inspected data packet. The marking function 120 may be implemented by dedicated hardware or as a software function running on a processor. The identifier is selected in accordance with the identified service to which the data packet pertains. For example, data packets pertaining to a certain file sharing service may be provided with a first identifier, and data packets pertaining to a certain media streaming service may be provided with a second identifier. Including the identifier into the data packets, or marking the data packets, is thus accomplished on the basis of a packet inspection result or may even be part of the packet inspection process. The identifier may be included into the data packets by setting an information field in a header section of the data packet, e.g. by setting a specific differentiated services code point (DSCP). The mapping of a specific service to a corresponding identifier may be dynamically controlled by the policy controller 30 using the packet inspection control data. In this way, the mapping between a specific service to a corresponding identifier may be dynamically controlled on the basis of policy data. For example, the mapping could vary depending on the time of day or on the day of week.

On the basis of the packet inspection data received from the packet inspector 100 and on the basis of policy data, the policy controller 30 controls the selection and/or configuration of the DL packet filters 72, 74 used in the gateway 26 for routing data packets to desired bearers 52, 54. For this purpose, the policy controller 30 includes a filter generator 35. The filter generator may be implemented by dedicated hardware or as a software function executed by a processor. The filter generator 35 may construct the DL packet filters, select preconfigured DL packet filters from a list, and/or configure selected DL packet filters. The DL packet filters 72, 74 filter the DL data traffic on the basis of the identifier which is included into the data packets by the packet inspector 100. This allows for a highly efficient and reliable filtering process, since the DL packet filters 72, 74 merely need to take into account the identifier included by the packet inspector 100. For example, if the identifier is a DSCP in the header section of the data packets, the DL packet filters 72, 74 merely need to analyze the DSCP information field in the header section of the data packets. In this way, data traffic pertaining to a specific service may be dynamically routed to a desired bearer 52, 54 with a corresponding QoS class.

In the following, concepts of marking inspected data packets will be explained in more detail by referring to exemplary types of data packets.

FIG. 2 schematically illustrates IP data packets of the IP version 4 type. As illustrated, a header section of the data packets includes several information fields, which are referred to as “Version”, “IHL (IP Header Length)”, “Differentiated Services”, “Total Length”, “Identification”, “Flags”, “Fragment Offset”, “Time to Live”, “Protocol”, “Header Checksum” “Source Address”, “Destination Address”, “Options”, and “Padding”. Details concerning these fields are defined in the RFC 791 Specification. The information field termed as “Differentiated Services” is defined in the RFC 2475 Specification. In addition, the header section of an IP data packet will also include information fields which are referred to as “Source Port” and “Destination Port”. Corresponding information fields are defined, for example, by the Transport Control Protocol (TCP) defined in the RFC 793 Specification and the User Datagram Protocol (UDP) as defined in the RFC 768 Specification.

Following the header section, IP data packets are typically provided with a data section, in which different types of payload data traffic may be included.

FIG. 3 schematically illustrates IP data packets according to the IP version 6 type. Again, the header section includes a number of information fields, which are referred to as “Version”, “Differentiated Services”, “Flow Label”, “Payload Length”, “Next Header”, “Hop Limit”, “Source Address”, and “Destination Address”. This structure of the header section is defined in the RFC 2460 Specification. In addition, the header section may also comprise information fields termed as “Source Port” and “Destination Port”, e.g. as defined by the TCP or UDP. Again, the header section will typically be followed by a data section which may carry various types of payload data.

For the purposes of the present disclosure, only the information fields referred to as “Differentiated Services”, “Source Address”, “Destination Address”, “Source Port”, and “Destination Port” will be further discussed. As regards the other information fields, further explanations can be taken from the above-mentioned RFC Specifications.

The information field “Source Address” indicates the IP address from which a data packet originates. Similarly, the information field “Destination Address” indicates the IP address for which the data packet is destined. In IP version 4, the source address and the destination address are 32 bit values. In IP version 6, the source address and the destination address are 128 bit values.

The information field “Source Port” indicates a port number at the source of the data packet, whereas the information field “destination port” indicates a port number at the destination point of the data packet.

On the basis of the source address, the destination address, the source port, and the destination port, an IP packet flow can be defined as a flow of IP packets between a first endpoint defined by the source address and the source port, and a second endpoint defined by the destination address and the destination port. An entity including the source address, the destination address, the source port, the destination port and a protocol identifier is also referred to as “IP 5-tuple”.

The information field “Differentiated Services” is included in both IP version 4 data packets and in IP version 6 data packets. As defined in the RFC 2474 Specification, the information field “Differentiated Services” is an 8 bit value. The structure of this information field is schematically illustrated in FIG. 4.

As illustrated in FIG. 4, six bits of the information field, i.e. bits 0-5, are used to define the Differentiated Services Code Point (DSCP). The other two bits are unused. Using the DSCP, forwarding of the data packets by network nodes may be controlled. For data packets pertaining to different types of services different forwarding procedures may be selected. DSCPs may be standardized. Further, a range of non-standardized DSCPs is available.

In the following, a process of handling DL data traffic in accordance with an embodiment of the invention will be described in more detail. This will be accomplished by referring to the mobile communication network environment as illustrated in FIG. 1.

As mentioned above, the mobile communication network may support a number of QoS classes associated with different bearers. The QoS classes may be identified by a corresponding QCI. For marking identified data packets of a specific service in the packet inspector 100, a dedicated DSCP is defined, e.g. from the range of non-standardized DSCPs. As a result, there can be a dedicated DSCP for each bearer.

Further, a mapping table is defined which maps each service to be detected by the packet inspector 100 to a dedicated DSCP. Different dedicated DSCPs may thus be used for marking data packets pertaining to different services. However, it is also possible that data packets of different services are marked with the same DSCP, e.g. if these services should be assigned to the same QoS class. This mapping table may be maintained by the policy controller 30 and further be communicated to the packet inspector 100, e.g. using the signaling path 5. Alternatively, the packet inspector 100 may also be statically configured with the mapping table. If the mapping table in the packet inspector 100 is dynamically configurable by the policy controller 30, it is also possible to reconfigure the mapping table on the basis of policy data. For example, the mapping table could be reconfigured depending on the time of day or depending on the day of week.

If the packet inspector 100 detects an IP packet flow pertaining to a pre-defined service, this is signaled to the policy controller 30 in the packet inspection data. Further, the marking function 120 of the packet inspector 100 marks the data packets pertaining to the service with the DSCP as defined in the mapping table. For other data packets, i.e. data packets which are not identified as pertaining to a pre-defined service, a default DSCP may be set. For example, the default DSCP may be zero. As an alternative, setting of a DSCP may be omitted for data packets which are not identified as pertaining to a pre-defined service. In the packet inspection data, the packet inspector 100 may also signal a service identifier to the policy controller 30. By means of the service identifier, the identified service and/or the DSCP used for marking the corresponding data packets may be signaled to the policy controller 30. The frequency or event-based triggering of signaling towards the policy controller 30 may be appropriately selected.

In response to the packet inspection data, the policy controller 30 determines a DL packet filter which operates on the basis of the DSCP used for marking the data packets of the identified service. According to an embodiment, the DL packet filter may operate substantially only on the basis of the DSCP used for marking the data packets. The DL packet filter is signaled to the gateway 26.

Using the DL packet filter, the gateway 26 then routes DL data packets which are marked with the DSCP to the corresponding bearer 52, 54. The bearer 52, 54 may be already existing. If the bearer is not existing, it may be established upon receiving the signaling from the policy controller 30. That is to say, if a bearer 52, 54 having the QoS class associated with the DSCP is already established, the DL packet filter will route the filtered data packets to this already existing bearer. If no such bearer is existing, a bearer of the QoS class associated with the DSCP will be established upon receiving the signaling of the DL packet filter from the policy controller 30.

FIG. 5 shows a flowchart for schematically illustrating a method 200 of handling DL data traffic in accordance with the above-mentioned concepts.

In step 210, packet inspection data are received, e.g. in the policy controller 30. The received packet inspection data may include a service identifier which indicates a service to which identified data packets pertain. Further, the packet inspection data may indicate an identifier which is used for marking the data packets in response to packet inspection, e.g. a dedicated DSCP.

In step 220, policy data are received. The policy data may include general policies defined by an operator of a mobile communication network how to handle data packets of a specific service, or may be user-related, i.e. define how to handle data packets of a specific service and a specific user. The policy data may also distinguish between different subscriber groups or may define a volume quota of a user, subscriber, subscriber group or service. Specifically, the policy data may indicate which quality of service class should be given to data packets pertaining to a specific service. This information may vary dynamically, e.g. on the basis of the time of day, the day of week, or used volume quota.

In step 230, a DL packet filter is determined on the basis of the packet inspection data and the policy data. In particular, a DL packet filter is determined which operates on the basis of an identifier included into the data packets in response to the packet inspection process. The DL packet filter is then used for routing the marked data packets to a bearer having the desired QoS class. For this purpose, the determined DL packet filter may be signaled from a policy controller, e.g. the policy controller 30, to a gateway, e.g. the gateway 26.

FIG. 6 schematically illustrates a mobile communication environment in which UL data traffic is handled in accordance with an embodiment of the invention. The mobile communication environment of FIG. 6 is generally similar to that of FIG. 1, and similar components have been designated with the same reference signs. For further details, reference is made to the corresponding explanations in connection with FIG. 1.

According to the concepts as illustrated in FIG. 6, information in DL data packets is used in the user equipment 10 to form local rules for routing UL data packets. Here, it is to be noted that in a mobile communication scenario, a flow of IP data packets is typically bidirectional. Even if the transport of payload data occurs in only one direction, e.g. on the basis of TCP packets, the IP packet flow will typically also include control packets, e.g. TCP acknowledgement packets, transmitted in the opposite direction. Further, the source and destination IP addresses and port numbers of an IP packet flow are typically symmetrical, i.e. the destination endpoint (identified by an IP address and port number) in one direction is the same as the source endpoint (identified by IP address and port number) in the other direction, and vice versa. Due to the symmetry, oppositely flowing packets of the same IP packet flow will have “complementary” address identifiers, and “complementary” port identifiers, which means that the source identifier in one direction is the same as the destination identifier in the other direction.

According to the concepts of handling UL data traffic as explained in the following, it will be assumed that DL data traffic is already mapped to QoS classes and corresponding bearers. This may be accomplished according to the concepts as explained above in connection with FIG. 1. That is to say, the mobile communication environment of FIG. 6 could also include the packet inspector 100 and associated functionalities for handling DL data traffic as explained in connection with FIG. 1. Nonetheless, it is to be understood that other concepts of mapping DL data traffic to QoS classes and bearers are applicable as well.

As illustrated in FIG. 6, the user equipment 10 further includes a mirroring function 220. The mirroring function 220 may be implemented by dedicated hardware or as a software function running on a processor. The mirroring function 220 is configured to detect incoming data packets including a first identifier and outgoing data packets including a second identifier which is complementary with respect to the first identifier. In the complementary identifier, a destination endpoint identifier, e.g. destination IP address and/or destination port, is the same as a source endpoint identifier, e.g. source IP address and/or source port, in the identifier. The first and the second identifier may each be the IP 5-tuple. The mirroring function 220 controls the UL packet filters 62, 64, which are IP 5-tuple based, in such a way that the outgoing data packets having the complementary second identifier are routed to the same bearer from which the incoming data packets having the first identifier are received. In this way, no explicit signaling between the gateway 26 and the user equipment 10 is necessary for selecting or configuring the UL packet filters 62, 64. If the mirroring function 220 detects that a new IP packet flow has been mapped onto a bearer 52, 54 or a new bearer 52, 54 is established, the mirroring function 220 may automatically generate a corresponding UL packet filter 62, 64. If incoming data packets in the DL direction are identified by a specific IP 5-tuple, the UL packet filter 62, 64 will be configured to route outgoing data packets carrying a complementary IP 5-tuple to the same bearer from which the incoming data packets are received.

The structure of an identifier and a complementary identifier, which are based on the IP 5-tuple, are illustrated in FIG. 7. However, it is to be understood that other types of identifiers and complementary identifiers are possible as well. In general, the complementary identifier indicates the source identified in the identifier of an incoming data packet as the destination of an outgoing data packet.

As shown in FIG. 7, an identifier on the basis of the IP 5-tuple may include a source address A, a destination address B, a source port C, a destination port D, and a protocol identifier X. The corresponding complementary identifier will then have a source address B, a destination address A, a source port D, a destination port C, and a protocol identifier X. In other words, in the complementary identifier the source address and the destination address are swapped as compared to the identifier. Similarly, in the complementary identifier the source port and the destination port are swapped as compared to the identifier. The protocol identifier remains unchanged. In other embodiments, different types of identifier and complementary identifier may be used, e.g. on the basis of only a part of the IP 5-tuple. For example, in the complementary identifier, only the source address and the destination address could be swapped as compared to the identifier.

In the following, a process of handling UL data packets in accordance with an embodiment of the invention will be explained in more detail by referring to the structures as shown in FIG. 6.

Initially, UL data packets relating to a specific service may be transmitted from the user equipment 10 to the gateway 26 on an arbitrary bearer, e.g. on the default bearer. The corresponding IP packet flow will then also include data packets transmitted in the DL direction. These data packets will be mapped to a desired QoS class and the corresponding bearer 52, 54, e.g. using the concepts as explained in connection with FIG. 1. This process may also involve establishing a new bearer associated with the desired QoS class.

The mirroring function 220 in the user equipment 10 then detects the incoming data packets which are received from this bearer 52, 54 and generates a “mirrored” UL packet filter 62, 64, operating on the basis of an IP 5-tuple which is complementary to an IP 5-tuple in the received incoming data packets. Here, it is to be understood that different IP packet flows may be present on a single bearer 52, 54 and that multiple UL packet filters 62, 64 may route outgoing data packets onto the same bearer 52, 54. If there is a new IP packet flow with incoming data packets on a bearer 52, 54 or a new bearer is established, a corresponding new UL data packet filter 62, 64 will be generated.

When applying the above-mentioned concepts, the user equipment 10 may be provided with a functionality to indicate to the mobile communication network that it supports the mirroring function 220. For example, this could be included into session management signaling, e.g. during an attach procedure between user equipment 10 and core network. By way of example, an information element could be added to the signaling process, in which the user equipment 10 can indicate that it supports the mirroring function 220. FIG. 6 schematically illustrates a corresponding signal path 2 extending from the user equipment 10. Here, it is to be understood that the signaling path 2 is schematically represented as extending from the user equipment 10 directly to a specific network node, e.g. to the policy controller 30 as illustrated, but typically may be implemented via other network nodes. For example, in an UMTS communication network, the signaling path 2 could extend from the user equipment 10 to a Serving GPRS Support Node (SGSN). In a Long Term Evolution/Service Architecture Evolution (SAE/LTE) communication network, the signaling path 2 could extend from the user equipment 10 to a Mobile Management Entity (MME). From these network nodes, the signaling information can then be forwarded or distributed to other network nodes, e.g. the policy controller 30.

In some embodiments, the information that the user equipment 10 supports the mirroring function 220 may also be distributed between core network nodes, e.g. to the policy controller 30 or to a node supporting a packet inspection function, e.g. the packet inspector 100 as shown in FIG. 1. For this purpose, the Gx interface or the Rx interface according to the 3GPP Specifications may be re-used.

According to some embodiments, a further signaling path 4 may be provided from the mobile communication network to the user equipment 10. Using this signaling path 4, it may be possible to activate or deactivate the mirroring function 220 on a per bearer basis. This may be useful if not all applications or services require this function to be activated. For example, in some cases the IP 5-tuple in data packets of a service may be statically defined and a corresponding static UL packet filter 62, 64 may be used in the user equipment 10. Again, it is to be understood that the signaling path 4 is schematically represented as extending to the user equipment 10 directly from a specific network node, e.g. from the policy controller 30 as illustrated, but typically may be implemented via other network nodes. For example, in an UMTS communication network, the signaling path 2 could extend from a Serving GPRS Support Node (SGSN) to the user equipment 10. In a Long Term Evolution/Service Architecture Evolution (SAE/LTE) communication network, the signaling path 2 could extend from a Mobility Management Entity (MME) to the user equipment 10. These network nodes may in turn receive the signaling information from other network nodes, e.g. the policy controller 30.

In some embodiments, the mobile communication network can signal to the user equipment 10 whether the mirroring function 220 should be applied or not, e.g. using standardized bearer establishment or modification procedures as defined in the 3GPP specifications. A corresponding information element for this purpose could be added to the standardized bearer establishment or modification procedures. In such cases, the signaling from the user equipment 10 to the mobile communication network that the mirroring function 220 is supported could be implemented on a per bearer basis as well. That is to say, the corresponding signaling could specify support of the mirroring function 220 for a new bearer or could modify the support information for an already established bearer.

FIG. 8 shows a flowchart illustrating a method 300 for handling UL data traffic in accordance with the above-mentioned concepts.

In step 310, incoming data packets with a first identifier are received from a bearer. As explained above, the bearer may be associated with a corresponding QoS class, and the first identifier may be an IP 5-tuple.

In step 320, outgoing data packets with a complementary second identifier are detected. This may be accomplished by generating or configuring a “mirrored” UL packet filter which operates on the basis of an IP 5-tuple which is complementary to the IP 5-tuple in the incoming data packets received from the bearer.

In step 330, outgoing data packets with the second identifier are routed to the same bearer from which the incoming data packets with the first identifier are received. Again, this may be accomplished by selecting or configuring a corresponding “mirrored” UL packet filter, e.g. operating on the basis of the complementary identifier or a part thereof.

According to the concepts as explained above, it is possible to dynamically map service-related data traffic to a desired QoS class, e.g. on the basis of user-specific policy data and/or on the basis of service-specific policy data. Further, this mapping could be dependent on the time of day, the day of week or other parameters. A variety of different policies may thus be defined in the policy data for controlling the mapping of the service-related data traffic to a QoS class. One such policy may even be to block data traffic relating to a specific service in the gateway.

Further, the control of QoS on the basis of policy data can be achieved in an efficient manner, without requiring excessive signaling on core network interfaces or to the user equipment. When combining the concepts of handling DL data traffic as explained in connection with FIGS. 1-5 with the concepts of handling UL data traffic as explained in connection with FIGS. 6-8, an efficient solution is obtained which allows for handling both DL data traffic and UL data traffic.

Moreover, the concepts as described above do not rely on establishing bearers which are not needed. Rather, bearers may be established as needed, thereby efficiently using available network resources.

It is to be understood that the concepts as explained above are merely exemplary and susceptible to various modifications. For example, the network nodes as illustrated in FIGS. 1 and 6 need not be implemented as separate nodes, but may be integrated into a single network component. For example, the packet inspector 100 could also be integrated in the gateway 26. The concepts may be applied in various types of mobile communication networks. Finally, it is to be noted that the solution for handling UL data traffic as explained in connection with FIGS. 6-8 is not limited to handling UL data traffic from a user equipment. Rather, these concepts can be generally applied to all situations in which incoming data packets are already mapped to a specific bearer and there are corresponding outgoing data packets. 

What is claimed is:
 1. A method of handling network traffic, implemented in a Deep Packet Inspection (DPI) node, the method comprising: receiving, from a Policy and Charging Rules Function (PCRF) network node, packet inspection control data that maps a specific service to an identifier; identifying that a data packet pertains to the specific service, the identifying comprising performing DPI on at least a data section of the data packet; notifying the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service; and marking the data packet with the identifier in accordance with the packet inspection control data received from the PCRF network node.
 2. The method of claim 1, wherein identifying that the data packet pertains to the specific service further comprises inspecting a header section of the data packet.
 3. The method of claim 1, wherein marking the data packet with the identifier comprises setting a Differentiated Services Code Point field in a header section of the data packet to the identifier.
 4. The method of claim 1, wherein notifying the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service comprises sending, to the PCRF network node, a service identifier that indicates the specific service to which the data packet pertains.
 5. The method of claim 1, wherein notifying the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service comprises sending the identifier to which the specific service is mapped to the PCRF network node.
 6. The method of claim 1, further comprising updating a mapping table that maps services to respective Differentiated Services Code Point values in accordance with the packet inspection control data.
 7. The method of claim 1, wherein the packet inspection control data maps the specific service to the identifier depending on time of day or on the day of week.
 8. The method of claim 1, further comprising sending the marked data packet to a gateway for routing of the marked packet to a bearer, the gateway being outside of a Radio Access Network supporting the bearer.
 9. The method of claim 1, further comprising detecting an IP packet flow pertaining to the specific service and notifying the PCRF network node that the IP packet flow pertaining to the specific service was detected.
 10. The method of claim 1, wherein the data packet is a downlink data packet.
 11. A Deep Packet Inspection (DPI) node, comprising: one or more processing circuits configured to: receive, from a Policy and Charging Rules Function (PCRF) network node, packet inspection control data that maps a specific service to an identifier; identify that a data packet pertains to the specific service, the identifying comprising performing DPI on at least a data section of the data packet; notify the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service; and mark the data packet with the identifier in accordance with the packet inspection control data received from the PCRF network node.
 12. The DPI node of claim 11, wherein to identify that the data packet pertains to the specific service, the one or more processing circuits are further configured to inspect a header section of the data packet.
 13. The DPI node of claim 11, wherein to mark the data packet with the identifier, the one or more processing circuits are configured to set a Differentiated Services Code Point field in a header section of the data packet to the identifier.
 14. The DPI node of claim 11, wherein to notify the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service, the one or more processing circuits are configured to send, to the PCRF network node, a service identifier that indicates the specific service to which the data packet pertains.
 15. The DPI node of claim 11, wherein to notify the PCRF network node that the DPI node received the data packet and that the data packet pertains to the specific service, the one or more processing circuits are configured to send the identifier to which the specific service is mapped to the PCRF network node.
 16. The DPI node of claim 11, wherein the one or more processing circuits are further configured to update a mapping table that maps services to respective Differentiated Services Code Point values in accordance with the packet inspection control data.
 17. The DPI node of claim 11, wherein the packet inspection control data maps the specific service to the identifier depending on time of day or on the day of week.
 18. The DPI node of claim 11, wherein the one or more processing circuits are further configured to send the marked data packet to a gateway for routing of the marked packet to a bearer, the gateway being outside of a Radio Access Network supporting the bearer.
 19. The DPI node of claim 11, wherein the one or more processing circuits are further configured to detect an IP packet flow pertaining to the specific service and to notify the PCRF network node that the IP packet flow pertaining to the specific service was detected.
 20. The DPI node of claim 11, wherein the data packet is a downlink data packet. 